cyber security
Threat Actors Embed Malware in WordPress Sites to Enable Remote Code Execution
Security researchers have uncovered a new wave of cyberattacks targeting WordPress websites through the exploitation of the "mu-plugins" (Must-Use plugins) directory.This directory, designed to load plugins automatically without...
cyber security
Massive “DollyWay” Malware Attack Compromises 20,000+ WordPress Sites Worldwide
A significant malware operation, dubbed "DollyWay," has been uncovered by GoDaddy Security researchers, revealing a sophisticated campaign that has compromised over 20,000 WordPress sites...
CVE/vulnerability
Over 10,000 WordPress Sites Exposed by Donation Plugin Code Execution Vulnerability
A critical security flaw in the widely used GiveWP – Donation Plugin and Fundraising Platform has left over 10,000 WordPress websites vulnerable to remote code execution...
cyber security
WordPress Admins Warned of Fake Plugins Injecting Malicious Links into Websites
A new wave of cyberattacks targeting WordPress websites has been uncovered, with attackers leveraging fake plugins to inject malicious links into site footers.These...
CVE/vulnerability
Millions of WordPress Websites Vulnerable to Script Injection Due to Plugin Flaw
A critical security vulnerability in the Essential Addons for Elementor plugin, installed on over 2 million WordPress websites, has exposed sites to script injection attacks via...
CVE/vulnerability
90,000 WordPress Sites Exposed to Local File Inclusion Attacks
A critical vulnerability (CVE-2025-0366) in the Jupiter X Core WordPress plugin, actively installed on over 90,000 websites, was disclosed on January 6, 2025.The flaw...
cyber security
Arbitrary File Upload Vulnerability in WordPress Plugin Let Attackers Hack 30,000 Website
A subgroup of the Russian state-sponsored hacking group Seashell Blizzard, also known as Sandworm, has intensified its cyber operations through a campaign dubbed BadPilot.This...
CVE/vulnerability
30,000 WordPress Sites Exposed to Exploitation via File Upload Vulnerability
A critical security vulnerability in the "Security & Malware scan by CleanTalk" plugin has left over 30,000 WordPress websites exposed to exploitation.The vulnerability, identified...
Cyber Security News
10,000 WordPress Websites Hacked to Distributing MacOS and Microsoft Malware
Over 10,000 WordPress websites have been hijacked to deliver malicious software targeting both macOS and Windows users.Researchers revealed this week how attackers leveraged vulnerabilities...
CVE/vulnerability
WordPress Plugin Vulnerability Exposes 23k+ Websites to Hacking
Researchers from Patchstack have warned that over 23,000 real estate websites using the popular RealHomes WordPress theme and its bundled Easy Real Estate plugin...
Cyber Crime
Credit Card Skimmer Hits WordPress Checkout Pages, Stealing Payment Data
Researchers analyzed a new stealthy credit card skimmer that targets WordPress checkout pages by injecting malicious JavaScript into the WordPress database. On checkout pages, the...